
UNITED STATES DEPARTMENT OF COMMERCE
United States Patent and Trademark Office

Address: COMMISSIONER FOR PATENTS
         P.O. Box 1450
         Alexandria, Virginia 22313-1450
         www.uspto.gov

APPLICATION NO.:       10/028,653
FILING DATE:           12/20/2001
FIRST NAMED INVENTOR:  James M. Vignoles
ATTORNEY DOCKET NO.:   NAI1P048/01.183.01
CONFIRMATION NO.:      2731

28875 7590 08/13/2007
Zilka-Kotab, PC
P.O. BOX 721120
SAN JOSE, CA 95172-1120

EXAMINER:       PYZOCHA, MICHAEL J
ART UNIT:       2137
PAPER NUMBER:
MAIL DATE:      08/13/2007
DELIVERY MODE:  PAPER

Please find below and/or attached an Office communication concerning this application or proceeding.

The time period for reply, if any, is set in the attached communication.

PTOL-90A (Rev. 04/07)



Office Action Summary

Application No.: 10/028,653
Applicant(s):    VIGNOLES ET AL.
Examiner:        Michael Pyzocha
Art Unit:        2137

-- The MAILING DATE of this communication appears on the cover sheet with the correspondence address --

Period for Reply

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS,
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION.

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed
  after SIX (6) MONTHS from the mailing date of this communication.
- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication.
- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133).
  Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any
  earned patent term adjustment. See 37 CFR 1.704(b).

Status

     Responsive to communication(s) filed on 26 June 2007.
2a)  [X] This action is FINAL.    2b) [ ] This action is non-final.
3)   [ ] Since this application is in condition for allowance except for formal matters, prosecution as to the merits is
         closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.

Disposition of Claims

4)   [X] Claim(s) 1, 4, 5, 7, 12, 15, 16, 18, 23 and 28-39 is/are pending in the application.
         4a) Of the above claim(s) ____ is/are withdrawn from consideration.
5)   [ ] Claim(s) ____ is/are allowed.
6)   [X] Claim(s) 1, 4, 5, 7, 12, 15, 16, 18, 23 and 28-39 is/are rejected.
7)   [ ] Claim(s) ____ is/are objected to.
8)   [ ] Claim(s) ____ are subject to restriction and/or election requirement.

Application Papers

9)   [X] The specification is objected to by the Examiner.
10)  [ ] The drawing(s) filed on ____ is/are: a) [ ] accepted or b) [ ] objected to by the Examiner.
         Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a).
         Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d).
11)  [ ] The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152.

Priority under 35 U.S.C. § 119

12)  [ ] Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f).
         a) [ ] All  b) [ ] Some *  c) [ ] None of:
         1. [ ] Certified copies of the priority documents have been received.
         2. [ ] Certified copies of the priority documents have been received in Application No. ____.
         3. [ ] Copies of the certified copies of the priority documents have been received in this National Stage
                application from the International Bureau (PCT Rule 17.2(a)).
         * See the attached detailed Office action for a list of the certified copies not received.

Attachment(s)

1) [X] Notice of References Cited (PTO-892)
2) [ ] Notice of Draftsperson's Patent Drawing Review (PTO-948)
3) [ ] Information Disclosure Statement(s) (PTO/SB/08)
       Paper No(s)/Mail Date ____.
4) [ ] Interview Summary (PTO-413)
       Paper No(s)/Mail Date ____.
5) [ ] Notice of Informal Patent Application
6) [ ] Other: ____.

U.S. Patent and Trademark Office
PTOL-326 (Rev. 08-06)    Office Action Summary    Part of Paper No./Mail Date 20070808



Application/Control Number: 10/028,653 
Art Unit: 2137 



Page 2 



DETAILED ACTION 

1. Claims 1, 4, 5, 7, 12, 15, 16, 18, 23, 28-39 are pending. 

2. Amendment filed 02/22/2007 has been received and
considered.

Specification 

3. The specification is objected to as failing to provide 
proper antecedent basis for the claimed subject matter. See 37 
CFR 1.75(d)(1) and MPEP § 608.01(o). Correction of the 
following is required: Nowhere in the specification is a
"tangible computer readable medium" embodying a computer program
product described and therefore the specification fails to 
provide antecedent basis for this claimed subject matter. 

Claim Rejections - 35 USC § 112 

4. The following is a quotation of the first paragraph of 35
U.S.C. 112: 

The specification shall contain a written description of the invention, and 
of the manner and process of making and using it, in such full, clear, 
concise, and exact terms as to enable any person skilled in the art to 
which it pertains, or with which it is most nearly connected, to make and 
use the same and shall set forth the best mode contemplated by the inventor 
of carrying out his invention. 

5. Claim 12 is rejected under 35 U.S.C. 112, first paragraph, 
as failing to comply with the written description requirement. 
The claim(s) contains subject matter which was not described in
the specification in such a way as to reasonably convey to one
skilled in the relevant art that the inventor(s), at the time
the application was filed, had possession of the claimed 
invention. Nowhere in the specification is "A computer program 
product embodied on a tangible computer readable medium" 
described and therefore the claims fail to conform to the 
written description requirement. 

Claim Rejections - 35 USC § 103

6. The following is a quotation of 35 U.S.C. 103(a) which 
forms the basis for all obviousness rejections set forth in this 
Office action: 

(a) A patent may not be obtained though the invention is not identically 
disclosed or described as set forth in section 102 of this title, if the 
differences between the subject matter sought to be patented and the prior 
art are such that the subject matter as a whole would have been obvious at 
the time the invention was made to a person having ordinary skill in the 
art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 

7. Claims 1, 4, 5, 7, 12, 15, 16, 18, 23, 29, and 33 are 
rejected under 35 U.S.C. 103(a) as being unpatentable over 
ConSeal PC FIREWALL Technical Summary (hereinafter ConSeal) in 
view of Hari et al (Detecting and resolving packet filter 
conflicts) and in view of Coss et al (US 6098172) in view of 
Chan et al (US 6910028) and further in view of Jacobson (US 
6735701).

As per claims 1, 12, 23, and 29, ConSeal discloses
identifying a set of policies, each policy having a condition 
associated therewith; determining whether the conditions are 
met; and activating the policies whose associated conditions are 
determined to be met (see pages 1-2) wherein the activation of 
the policies includes adding the policies to a set of a 
plurality of active policies after a user confirmation, and 
executing security actions associated with the active policies 
if associated limits are met (see pages 1-2).

ConSeal fails to disclose the conditions represent 
different policies, which are based on priority and determining 
and resolving any conflicts and the conditions are based on a 
time factor, which is at least one of a timeframe, a 
predetermined time period, and a time limit, and the conditions 
are based on a source of the policies and a severity of security 
actions associated with the policies. 

However, Hari et al teaches such policy priorities and
conflict resolution (see page 1204 section II), Coss et al
teaches the use of a time factor (see column 2 lines 29-41), Chan
et al teaches the conditions include a source of the policy (see
column 7 line 60 through column 8 line 33) and Jacobson teaches
the conditions include a severity of security actions associated
with the policies (see column 18 lines 15-30).

At the time of the invention it would have been obvious to
a person of ordinary skill in the art to use Hari et al's 
priorities, conflict resolution and the time factors of Coss et 
al, the source identification of Chan et al and the severity 
classification of Jacobson in the firewall system of ConSeal. 

Motivation to do so would have been to avoid matching
multiple filters with conflicting actions (see Hari et al page
1204 section II), to allow a given rule set to be modified
based on events happening in the network without requiring that
the entire rule set be reloaded (see Coss et al column 2 lines
29-41), to enable deep semantic guarantees including consistency
(see Chan et al column 7 line 60 through column 8 line 33), and
to allow for different policies to occur based on compliance and
severity (see Jacobson column 18 lines 15-49).

As per claims 4-5 and 15-16, the modified ConSeal, Hari et 
al, Coss et al, and Chan et al system discloses updating 
includes receiving another inactive policy, determining whether 
the user accepts the inactive policy, and adding the inactive 
policy to the set if the user accepts the inactive policy (see
ConSeal page 2).

As per claims 7, 18, and 34-37, the modified ConSeal, Hari 
et al, Coss et al, and Chan et al system discloses determining 
whether the conditions associated with the active policies are
still met, and de-activating the active policies if the
associated conditions are not met and reusing or discarding the
de-activated policy (see bottom of page 1 to the top of page 2).

As per claim 33, the modified ConSeal, Hari et al, Coss et 
al, and Chan et al system discloses the identifying, determining 
and activating are controlled locally (see ConSeal page 1).

8. Claim 28 is rejected under 35 U.S.C. 103(a) as being
unpatentable over the modified ConSeal, Hari et al, Coss et al,
and Chan et al system as applied to claim 1 above, and further
in view of Horvitz et al (US 2003021621).

As per claim 28, the modified ConSeal, Hari et al, Coss et 
al, and Chan et al system fails to disclose the conditions 
represent an urgency associated with an issue causing the policy 
to be activated. 

However, Horvitz et al teaches such a priority based on 
urgency (see paragraph 117).

At the time of the invention it would have been obvious to 
a person of ordinary skill in the art to use Brock et al's 
teaching of urgency based priority in the modified ConSeal, Hari 
et al, Coss et al, and Chan et al system. 

Motivation to do so would have been to facilitate efficient 
processing of electronic information while mitigating the costs 
of manual interventions associated therewith (see paragraph 6).

9. Claims 30-32 are rejected under 35 U.S.C. 103(a) as being
unpatentable over the modified ConSeal, Hari et al, Coss et al, 
and Chan et al system as applied to claim 1 above, and further 
in view of Cisco (IPSec User Guide for the Cisco Secure PIX 
Firewall Version 5.2). 

As per claims 30-32, the modified ConSeal, Hari et al, Coss 
et al, and Chan et al system fails to disclose three policies 
with different priorities having different valid time periods. 

However, Cisco teaches such policies (see "Enabling and
Configuring IKE" pages 6-1 and 6-2).

At the time of the invention it would have been obvious to 
a person of ordinary skill in the art to use the policies of 
Cisco in the modified ConSeal, Hari et al, Coss et al, and Chan 
et al system. 

Motivation to do so would have been to allow the firewall 
to use Internet Key Exchange (see top of page 6-1).

10. Claim 38 is rejected under 35 U.S.C. 103(a) as being 
unpatentable over the modified ConSeal, Hari et al, Coss et al, 
and Chan et al system as applied to claim 1 above, and further 
in view of Gorsuch (US 6985746).

As per claim 38, the modified ConSeal, Hari et al, Coss et 
al, and Chan et al system fails to explicitly disclose the
conditions are based on the detection of a predetermined amount
of files of a certain type. 

However, Gorsuch teaches filtering data based on the 
detection of a predetermined number of files of a certain type 
(see column 3 lines 32-37).

At the time of the invention it would have been obvious to 
a person of ordinary skill in the art for the condition of the 
modified ConSeal, Hari et al, Coss et al, and Chan et al system 
to be based on the detection of a predetermined amount of files 
of a certain type.

Motivation to do so would have been to block potentially 
harmful files from being transmitted or to save bandwidth.

11. Claim 39 is rejected under 35 U.S.C. 103(a) as being
unpatentable over the modified ConSeal, Hari et al, Coss et al,
and Chan et al system as applied to claim 1 above, and further
in view of Yanovsky (US 7010807).

As per claim 39, the modified ConSeal, Hari et al, Coss et 
al, and Chan et al system fails to explicitly disclose the 
conditions are based on whether a virus signature update is
current.

However, Yanovsky teaches blocking a system access when the 
anti-virus software is out of date (see column 2 lines 5-11).

At the time of the invention it would have been obvious to
a person of ordinary skill in the art for the conditions of the
modified ConSeal, Hari et al, Coss et al, and Chan et al system 
to be based on whether a virus signature update is current. 

Motivation to do so would have been to protect the system from
potentially infected machines. 

Response to Arguments 

Applicant's arguments filed 06/26/2007 have been fully 
considered but they are not persuasive. Applicant argues that 
the specification provides support for a "tangible computer
readable medium"; the combination lacks motivation; Hari fails
to teach that the first policy and second policy are activated 
under different priority-related conditions; Chan fails to teach 
the conditions are based on a source of the policies; Jacobson 
fails to teach the conditions are based on a severity of 
security actions associated with the policies; Horvitz fails to 
teach the conditions are based on an urgency associated with an 
issue causing the policy to be activated; ConSeal fails to teach 
activating the policy when a user confirms; and that ConSeal 
fails to teach the limitations of claims 34 and 37. 

With respect to Applicant's argument that the specification 
provides support for a "tangible computer readable medium" by
citing page 8 line 1-2, this merely discloses that the computer
system has memory that is tangible. Therefore the rejections of 
claims 1, 23, 28, and 29 have been withdrawn. However, the 
rejection of claim 12 remains because the specification provides 
no support for the computer program product being provided on a 
tangible computer readable medium. 

With respect to Applicant's argument that the combination 
of ConSeal and Hari lacks motivation, as cited above Hari 
teaches motivation as avoiding matching multiple filters with 
conflicting actions. Applicant further contends that Hari does 
not teach the abovementioned motivation, however, the methods 
provided by Hari are all conflict resolution schemes. 
Therefore, the methods of Hari prevent multiple matched filters 
with conflicting actions from being used. Applicant further 
states that the Hari reference teaches a different (and 
improved) method for conflict resolution that does not use 
filter prioritization. While this may be true, the portions 
relied upon are the filter prioritization methods taught on page 
1204. Applicant also notes that Hari states that there are 
drawbacks to the cited prioritization methods, and therefore 
teaches away. However, Hari teaches the benefits of the methods,
such as resolving conflicts and that they are simple to
implement; therefore Hari fulfills the requirement for some
teaching, suggestion, or motivation to do so found either in the
references themselves or in the knowledge generally available to 
one of ordinary skill in the art. See In re Fine, 837 F.2d 
1071, 5 USPQ2d 1596 (Fed. Cir. 1988) and In re Jones, 958 F.2d 
347, 21 USPQ2d 1941 (Fed. Cir. 1992). 

With respect to Applicant's argument that Hari fails to 
teach activating policies under different priority-related 
conditions, as stated previously Hari discloses the use of 
priorities to resolve conflicts. To extend the example, as
would be known to one of ordinary skill in the art, before the
descriptions of a), b), and c) on page 1204, to three filters F1
= (128.112.*, *) with A(F1) = {100 Mbps bandwidth}, F2 = (*,
128.122.*) with A(F2) = {1 Mbps bandwidth} and if we add F3 =
(*, *) with A(F3) = {500 Kbps bandwidth} with F1 having the
highest priority and F3 having the lowest, this third filter is
well within the scope of Hari as Hari discloses the use of any
number of filters with wildcards (*). So whenever traffic comes
to the filter from the network (128.112.*) destined for the
network (128.122.*) there is a conflict between all three
filters, since F1 has the highest priority it will be chosen.
Therefore, F1 is chosen under a first priority-related condition.
On the other hand, when traffic comes to the filter from
anywhere but (128.112.*) and is destined to (128.122.*) there is
a conflict between F2 and F3 and since F2 has a higher priority
it will be chosen. Therefore F2 is chosen under a second
priority-related condition. So Hari teaches activating policies
under different priority-related conditions.
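
The three-filter example above, worked through as code. This is an added illustration, not part of the Office action or of Hari et al; the prefix-matching helper, the numeric priorities (1 = highest) and the sample addresses are assumptions made for the example. It goes slightly beyond the text by also listing which filter pairs overlap while carrying different actions.

```python
from dataclasses import dataclass
from itertools import combinations


@dataclass(frozen=True)
class Filter:
    name: str
    src: str        # dotted prefix; "*" alone means any address
    dst: str
    action: str
    priority: int   # assumption: lower number = higher priority


def _prefix(pattern):
    """'128.112.*' -> ['128', '112'];  '*' -> [];  exact address -> all octets."""
    parts = pattern.split(".")
    return parts[:-1] if parts[-1] == "*" else parts


def field_matches(pattern, addr):
    """True when addr falls inside the prefix described by pattern."""
    p = _prefix(pattern)
    return addr.split(".")[:len(p)] == p


def fields_overlap(a, b):
    """Two prefixes overlap when one is a prefix of the other."""
    pa, pb = _prefix(a), _prefix(b)
    n = min(len(pa), len(pb))
    return pa[:n] == pb[:n]


def matching(filters, src, dst):
    """Every filter whose source and destination fields both match the packet."""
    return [f for f in filters
            if field_matches(f.src, src) and field_matches(f.dst, dst)]


def resolve(filters, src, dst):
    """Priority-based resolution: of all matching filters, apply the highest priority."""
    hits = matching(filters, src, dst)
    return min(hits, key=lambda f: f.priority) if hits else None


def conflicts(filters):
    """Filter pairs that can match the same packet but prescribe different actions."""
    return [(a.name, b.name) for a, b in combinations(filters, 2)
            if a.action != b.action
            and fields_overlap(a.src, b.src)
            and fields_overlap(a.dst, b.dst)]


# The filters F1, F2 and F3 exactly as given in the paragraph above.
FILTERS = [
    Filter("F1", "128.112.*", "*", "100 Mbps bandwidth", 1),
    Filter("F2", "*", "128.122.*", "1 Mbps bandwidth", 2),
    Filter("F3", "*", "*", "500 Kbps bandwidth", 3),
]

if __name__ == "__main__":
    # Constructed sample packets (source, destination); not from the page.
    packets = [
        ("128.112.5.9", "128.122.7.1"),   # all three filters match
        ("10.0.0.4", "128.122.7.1"),      # F2 and F3 match
        ("10.0.0.4", "192.0.2.8"),        # only F3 matches
    ]
    for src, dst in packets:
        hits = [f.name for f in matching(FILTERS, src, dst)]
        chosen = resolve(FILTERS, src, dst)
        print(f"{src} -> {dst}: matches {hits}, applied {chosen.name} ({chosen.action})")
    print("conflicting pairs:", conflicts(FILTERS))
```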

With respect to Applicant's argument that Chan fails to
teach the conditions are based on a source of the policies, Chan
specifically teaches that the priority is based on the authority
level of the originating source application. Therefore, the
policies have a priority and this priority is based on the
source application. Since each policy in the modified system is
activated based on a condition that is based on a priority (as
taught by Hari in the modified system) and Chan teaches that
policies each have a priority based on its source. Therefore the
modified system teaches that the conditions are based on a
source of the policies.

With respect to Applicant's argument that Jacobson fails to 
teach the conditions are based on a severity of security actions 
associated with the policies, Jacobson teaches assigning a value
based on a policy violation and that "Each policy has several
actions ranging from lenient to restrictive" (see column 18
lines 38-39). Furthermore, the policy effectiveness module
chooses the appropriate action based on the compliance value
(see column 18 lines 15-30). In other words, the specific
action (defined by a policy and with different severities) is
chosen based on the severity of the compliance violation. 
Therefore, the modified system teaches the conditions are based 
on a severity of security actions associated with the policies. 

With respect to Applicant's argument that Horvitz fails to 
teach the conditions are based on an urgency associated with an 
issue causing the policy to be activated, Horvitz teaches the 
well known idea of classification of messages, which influences 
a policy, based on urgency. Therefore, one of ordinary skill in 
the art would recognize the use of urgency to classify other 
information (conditions to activate a policy as in the modified 
system above) in a policy driven system to obtain predictable
results.

With respect to Applicant's argument that ConSeal fails to 
disclose determining whether a user confirms the activation of 
policies and activating based on the confirmation, when ConSeal 
is in the Checked Learning Mode and a packet arrives with no 
policy ConSeal creates at least two inactive policies (e.g. allow
or block rules) and presents the user with these options. The 
user must then select one of these options therefore confirming 
the activation of the policy. Applicant next argues that 
ConSeal teaches away from this because it manages the 
environment specific rule sets behind the scenes, however, these
rules are constructed by the user (see bottom of page 2) via one
of the learning modes described on page 2; including Checked 
Learning Mode. Therefore ConSeal does not teach away from the 
claimed limitations. 

With respect to Applicant's argument that ConSeal fails to 
teach the limitations of claims 34 and 37, the rule sets (active
policies) are protected by a password and therefore dictate that 
only a user with the password can deactivate (i.e. edit or 
delete) the rule set. Therefore ConSeal teaches associated 
conditions of the policies dictate the manner in which the 
active policies are to be deactivated. Furthermore, when this 
password is used to change (i.e. edit or delete) a rule the 
previous rule is no longer in use (i.e. discarded) therefore 
reading on the claim language of claim 37. 

Conclusion 

12. THIS ACTION IS MADE FINAL. Applicant is reminded of the 
extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action 
is set to expire THREE MONTHS from the mailing date of this 
action. In the event a first reply is filed within TWO MONTHS 
of the mailing date of this final action and the advisory action 
is not mailed until after the end of the THREE-MONTH shortened
statutory period, then the shortened statutory period will
expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated 
from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than 
SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier 
communications from the examiner should be directed to Michael 
Pyzocha whose telephone number is (571) 272-3875. The examiner 
can normally be reached on 7:00am - 4:30pm first Fridays of the 
bi-week off. 

If attempts to reach the examiner by telephone are 
unsuccessful, the examiner's supervisor, Emmanuel Moise can be 
reached on (571) 272-3865. The fax phone number for the 
organization where this application or proceeding is assigned is 
703-872-9306.

Information regarding the status of an application may be
obtained from the Patent Application Information Retrieval 
(PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, 
see http://pair-direct.uspto.gov. Should you have questions on 
access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free).